<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2723.2500" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>"<FONT face="Times New Roman" size=3>In regards to
Mac filtering I recommend it all the time... Now, correct me if I<BR>am wrong,
this is just an idea I was pondering last night, spoofing Mac<BR>addresses only
affects the application layer and cannot change the Address in<BR>the Mac layer
of the OSI model. So, if the access point drilled down to the Mac<BR>layer for
the real address, you would be safe? I have not bounced this off our<BR>tech
guys, so forgive me if it sounds foolish."</FONT></FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2>that was what i was thinking too, but
there are (wired) network cards around with programmable macs.</FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2>so the conclusion i'm getting from
all these replies is that mac is only to stop the most casual interference. fair
enough.</FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2>is there any major drawbacks to using
something like freeSwan? does it take a big speed hit or just a little one like
5% or something?</FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2>thanks, Nathan</FONT></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=Michael_Florence@dlink.com.au
href="mailto:Michael_Florence@dlink.com.au">Michael_Florence@dlink.com.au</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=melbwireless@wireless.org.au
href="mailto:melbwireless@wireless.org.au">melbwireless@wireless.org.au</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Wednesday, February 12, 2003 8:47
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Re: [MLB-WIRELESS] MAC security
- how good is it?</DIV>
<DIV><BR></DIV><BR><BR>Nath,<BR><BR>Use a number of built in and non built in
security measures.<BR><BR>My analogy is that of a car, it has door locks,
alarm, engine immobiliser, fuel<BR>tap, secret switch, you may have a club
lock etc. By themselves, these offer<BR>little protection, however a
combination will ensure that the thief (hacker)<BR>goes elsewhere. However,
depending on what you use, the more you put on may slow<BR>your network
considerably.<BR><BR>* Using something like Airsnort will take forever to
sniff enough packets.<BR>Airsnort report in their FAQ that for 128 bit
encryption, to hack a wireless<BR>network of 4 people who surf the web
constantly all day will take between 10 &<BR>33 days. Sure, once it has
the "interesting packets" it can crack it in seconds,<BR>however it needs the
packets first and this takes time. Devices with 256 bit<BR>encryption are
available from D-Link.<BR><BR>* Use D-Link AirPlus products that have PBCC
modulation. As far as I know there<BR>is no software that can sniff this
modulation scheme And it's 22MB.<BR><BR>* Use an AP with Authentication. The
D-Link DWL-1000AP+ has Radius<BR>authentication support. (another plug for
D-Link)<BR><BR>* Run IPSEC across the WLAN (not recomended to use with WEP
because of speed.<BR>Use one or the other). Should be close to
bulletproof.<BR><BR>* Create policies on your network so no-one adds rogue
access points without<BR>your configuration.<BR><BR>In regards to Mac
filtering I recommend it all the time... Now, correct me if I<BR>am wrong,
this is just an idea I was pondering last night, spoofing Mac<BR>addresses
only affects the application layer and cannot change the Address in<BR>the Mac
layer of the OSI model. So, if the access point drilled down to the
Mac<BR>layer for the real address, you would be safe? I have not bounced this
off our<BR>tech guys, so forgive me if it sounds foolish.<BR><BR>-Michael
Florence<BR><BR><BR><BR><BR><BR><BR><BR><BR>"Nath P"
<nathp@optushome.com.au> on 11/02/2003 07:26:11
PM<BR>
<BR>
<BR>
<BR><BR><BR>
<BR>
<BR>
<BR> To: "'melbwireless'"
<melbwireless@wireless.org.au>
<BR>
<BR> cc: (bcc: Michael
Florence/Sales/DLINK-AUST)
<BR>
<BR>
<BR>
<BR> Subject: [MLB-WIRELESS] MAC security - how good is
it?
<BR>
<BR><BR><BR><BR><BR><BR><BR><BR>Hey everyone,<BR>I was wondering, how good is
mac security by itself with no other
security?<BR>thanks,<BR>Nathan<BR></BLOCKQUOTE></BODY></HTML>